Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
boldgrid vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-4932
The Total Upkeep plugin for WordPress is vulnerable to information disclosure in versions up to, and including 1.14.13. This is due to missing authorization on the heartbeat_received() function that triggers on WordPress heartbeat. This makes it possible for authenticated attacke...
Boldgrid Total Upkeep – Wordpress Backup Plugin Plus Restore & Migrate By Boldgrid
Boldgrid Total Upkeep
8.8
CVSSv3
CVE-2023-25480
Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions.
Boldgrid Post And Page Builder By Boldgrid - Visual Drag And Drop Editor
4.8
CVSSv3
CVE-2021-24427
The W3 Total Cache WordPress plugin prior to 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue
Boldgrid W3 Total Cache
7.5
CVSSv3
CVE-2023-5359
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated malicious users to impersonate W3...
Boldgrid W3 Total Cache
1 Github repository
7.5
CVSSv3
CVE-2019-6715
pub/sns.php in the W3 Total Cache plugin prior to 0.9.4 for WordPress allows remote malicious users to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.
Boldgrid W3 Total Cache
1 Github repository
7.5
CVSSv3
CVE-2012-6079
W3 Total Cache prior to 0.9.2.5 exposes sensitive cached database information which allows remote malicious users to download this information via their hash keys.
Boldgrid W3 Total Cache
6.1
CVSSv3
CVE-2021-24436
The W3 Total Cache WordPress plugin prior to 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow...
Boldgrid W3 Total Cache
6.1
CVSSv3
CVE-2021-24452
The W3 Total Cache WordPress plugin prior to 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as t...
Boldgrid W3 Total Cache
4.3
CVSSv2
CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin prior to 0.9.4.1 for WordPress, when debug mode is enabled, allows remote malicious users to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_I...
Boldgrid W3 Total Cache
6.8
CVSSv2
CVE-2014-9414
The W3 Total Cache plugin prior to 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redire...
Boldgrid W3 Total Cache
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
path traversal
CVE-2025-2657
CVE-2025-30066
CVE-2025-24813
apache commons vfs
CVE-2025-2478
validation
CVE-2025-2674
code injection
medical card generation system
microsoft edge (chromium-based)
CVE-2025-2688
cicadascms
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »
Vulmon